Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6add1ab-b1b1-4863-813c-c831ef37c38c.roa
File: b6add1ab-b1b1-4863-813c-c831ef37c38c.roa (raw, json)
Hash identifier: 3QNsEReJp97Jvbbi+34H6xkh52xPGnPzkBHmn0TbPTQ=
Subject key identifier: 94:6C:23:6F:E3:7B:62:E3:35:4A:7F:3C:ED:8A:09:C9:76:6F:F9:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 03303BC115C57BFEB7C65549A4876BD2E0E83219
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6add1ab-b1b1-4863-813c-c831ef37c38c.roa
Signing time: Tue 19 Nov 2024 00:00:00 +0000
ROA not before: Tue 19 Nov 2024 00:00:00 +0000
ROA not after: Tue 24 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000::/25 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:30:3b:c1:15:c5:7b:fe:b7:c6:55:49:a4:87:6b:d2:e0:e8:32:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Nov 19 00:00:00 2024 GMT
Not After : Dec 24 23:59:59 2024 GMT
Subject: serialNumber=e417f9a2994435b9ae5a34f6ad362ed3fe93ef36d5437a1d2a609ea4c832da47, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e4:b0:eb:2a:46:88:94:dd:b9:21:ad:14:59:
a2:d7:cc:9a:8c:c5:90:32:79:e2:83:39:68:05:ff:
76:0d:5e:88:ca:9d:17:23:b3:7b:79:f9:7c:b5:d7:
f5:e3:96:36:94:4a:0b:14:2b:32:2f:14:79:92:cc:
31:3b:fa:db:7f:64:30:94:82:99:91:1c:47:e6:30:
f5:73:e7:f5:45:88:58:e4:d5:da:3e:4b:7f:e7:58:
32:61:5f:ec:07:74:9a:c6:ea:68:d0:d9:1b:b9:65:
06:7c:32:a2:c4:5d:3e:3a:f6:16:95:31:d3:82:28:
d9:a7:1a:9d:71:ae:3f:d0:62:b3:6e:1b:e7:5d:f7:
1f:02:2d:44:53:de:b8:55:b3:ae:06:53:07:9c:ad:
c7:f5:f0:46:f2:50:12:61:f8:79:0f:13:c4:8d:46:
76:97:92:2c:ce:ef:cf:35:a8:3a:59:5b:f6:b0:3f:
86:c0:34:86:94:21:d4:36:f6:a2:db:13:19:98:8b:
c6:15:fe:e4:c7:75:45:b1:e2:0c:d7:89:f3:2e:3f:
77:8a:ea:e2:9d:99:58:21:92:52:04:f3:50:b6:0b:
b7:55:75:c4:c9:f4:63:a6:6b:b1:16:fc:65:a1:b3:
bd:d6:0f:15:58:65:14:59:e2:bf:db:d1:46:1f:3c:
ad:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6C:23:6F:E3:7B:62:E3:35:4A:7F:3C:ED:8A:09:C9:76:6F:F9:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b6add1ab-b1b1-4863-813c-c831ef37c38c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000::/25
Signature Algorithm: sha256WithRSAEncryption
b1:6f:6f:bc:5e:92:03:a1:e3:f4:ba:12:b5:0d:a2:2a:19:22:
97:0b:90:6b:e9:4a:8f:73:0c:89:03:53:42:8c:c5:f2:5a:97:
ee:5c:e0:4d:81:d9:b1:b2:39:83:50:b4:59:bd:88:68:e6:dc:
f5:93:aa:b9:10:cb:48:3d:e5:7c:00:06:61:55:f1:6f:8a:09:
b2:ff:ce:51:b8:04:dc:cc:af:1b:d7:61:f4:3e:b8:7d:59:39:
ea:b5:81:aa:71:99:68:4b:90:68:61:40:cb:e1:e2:ac:71:d3:
d7:e8:57:5f:35:e4:cb:66:06:9a:20:2a:44:44:20:2d:01:98:
86:a1:d8:a7:2c:77:e4:3a:e5:0c:75:46:9e:ce:2f:af:5a:ee:
08:57:70:c9:c7:a2:8e:b4:69:6b:34:cb:33:e2:de:7d:79:68:
d6:1b:2d:95:aa:28:91:84:5c:43:78:46:af:ed:95:fc:c8:f2:
1e:4b:df:ee:e0:fd:83:b4:f9:38:14:87:f5:dc:19:0a:bc:ff:
81:28:ff:8e:78:1d:cc:85:8b:c8:db:c0:b8:13:03:4d:4f:bf:
7b:9a:a1:5f:ae:27:80:f9:5b:96:16:10:fd:88:a1:78:dc:ff:
59:f5:a2:a3:57:93:2a:a3:dc:f1:3b:66:82:1c:c7:28:97:64:
03:ff:34:39
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUAzA7wRXFe/63xlVJpIdr0uDoMhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDExMTkwMDAwMDBaFw0yNDEyMjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0MTdmOWEyOTk0NDM1YjlhZTVhMzRmNmFkMzYyZWQzZmU5M2VmMzZkNTQz
N2ExZDJhNjA5ZWE0YzgzMmRhNDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzksOsqRoiU3bkhrRRZotfMmozFkDJ54oM5aAX/dg1eiMqdFyOze3n5fLXX
9eOWNpRKCxQrMi8UeZLMMTv6239kMJSCmZEcR+Yw9XPn9UWIWOTV2j5Lf+dYMmFf
7Ad0msbqaNDZG7llBnwyosRdPjr2FpUx04Io2acanXGuP9Bis24b5133HwItRFPe
uFWzrgZTB5ytx/XwRvJQEmH4eQ8TxI1GdpeSLM7vzzWoOllb9rA/hsA0hpQh1Db2
otsTGZiLxhX+5Md1RbHiDNeJ8y4/d4rq4p2ZWCGSUgTzULYLt1V1xMn0Y6ZrsRb8
ZaGzvdYPFVhlFFniv9vRRh88rQUCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBSUbCNv
43ti4zVKfzztignJdm/5STAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjZhZGQxYWItYjFiMS00ODYzLTgxM2MtYzgzMWVmMzdjMzhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFByoF0AAw
DQYJKoZIhvcNAQELBQADggEBALFvb7xekgOh4/S6ErUNoioZIpcLkGvpSo9zDIkD
U0KMxfJal+5c4E2B2bGyOYNQtFm9iGjm3PWTqrkQy0g95XwABmFV8W+KCbL/zlG4
BNzMrxvXYfQ+uH1ZOeq1gapxmWhLkGhhQMvh4qxx09foV1815MtmBpogKkREIC0B
mIah2Kcsd+Q65Qx1Rp7OL69a7ghXcMnHoo60aWs0yzPi3n15aNYbLZWqKJGEXEN4
Rq/tlfzI8h5L3+7g/YO0+TgUh/XcGQq8/4Eo/454HcyFi8jbwLgTA01Pv3uaoV+u
J4D5W5YWEP2IoXjc/1n1oqNXkyqj3PE7ZoIcxyiXZAP/NDk=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:32 2024 by rpki-client on console-fra.rpki-client.org